Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1391	8.8	重要 Network	マイクロソフト	Windows Admin Center	Azure potal 上の Windows Admin Center の特権昇格の脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41086	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1392	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 11 25h2 Microsoft Windows 10 22h2 Microsoft Windows Server 2022 Microsoft …	WinSock 用 Windows Ancillary Function Driver の特権の昇格の脆弱性	CWE-73 ファイル名やパス名の外部制御	CVE-2026-41088	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1393	9.8	緊急 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microso…	Windows Netlogon のリモートでコードが実行される脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-41089	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1394	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microso…	Data Deduplication Elevation of Privilege Vulnerability	CWE-416 解放済みメモリの使用	CVE-2026-41095	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1395	9.8	緊急 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 11 25h2 Microsoft Windows 11 26h1 Microsoft Windows 11 24h2 Microsoft Wind…	Windows DNS クライアントのリモートでコードが実行される脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-41096	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1396	6.7	警告 Local	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 22h2 Microsoft Windows 11 25h2 Microsoft Windows Server 2022 Microsoft …	セキュアブートのセキュリティ機能のバイパスの脆弱性	CWE-1329 アップデートができないコンポーネントへの依存	CVE-2026-41097	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1397	4.4	警告 Local	マイクロソフト	Microsoft 365 Copilot	Android 用の Microsoft 365 Copilot のスプーフィングの脆弱性	CWE-284 CWE-Other	CVE-2026-41100	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1398	5.5	警告 Local	マイクロソフト	Microsoft Word	Microsoft Edge for Android のスプーフィングの脆弱性	CWE-284 CWE-noinfo	CVE-2026-41101	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1399	5.5	警告 Local	マイクロソフト	Microsoft PowerPoint	Microsoft PowerPoint for Android のスプーフィングの脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41102	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

1400	7.4	重要 Network	Outlook.com	Microsoft Edge Chromium	Microsoft Edge (Chromium ベース) の情報漏えいの脆弱性	CWE-610 CWE-73	CVE-2026-41107	2026-05-18 11:31	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345611	-	sybase	easerver	EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, to obtain password credentials of arbitrary users via unspecified vectors involving (1) connection …	NVD-CWE-Other	CVE-2006-1829	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

345612	-	sun	java_studio_enterprise	Sun Java Studio Enterprise 8, when installed as root, creates certain files with world-writable permissions, which allows local users to execute arbitrary commands via unspecified vectors.	NVD-CWE-Other	CVE-2006-1830	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

345613	-	netbsd	netbsd	Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to m…	NVD-CWE-Other	CVE-2006-1833	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

345614	-	empire_server	empire_server	Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions.	CWE-134 Use of Externally-Controlled Format String	CVE-2006-1840	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

345615	-	cynical_games	shoutbook	Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) LOCATION and (2) URL parameters. NOTE: the provenan…	NVD-CWE-Other	CVE-2006-1843	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

345616	-	francisco_burzi	php-nuke	SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote attackers to execute arbitrary SQL commands via the user_id parameter in the Your_Home functionality. NOTE:…	NVD-CWE-Other	CVE-2006-1847	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

345617	-	skymarx_solutions	xflow	Multiple SQL injection vulnerabilities in members_only/index.cgi in xFlow 5.46.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) position and (2) id parameter.	NVD-CWE-Other	CVE-2006-1849	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

345618	-	skymarx_solutions	xflow	Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) level, (2) position, (3) id, and (4) action …	NVD-CWE-Other	CVE-2006-1850	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

345619	-	skymarx_solutions	xflow	xFlow 5.46.11 and earlier allows remote attackers to determine the installation path of the application via the (1) action parameter to members_only/index.cgi and (2) page parameter customer_area/ind…	NVD-CWE-Other	CVE-2006-1851	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

345620	-	scriptsfrenzy	article_publisher_pro	SQL injection vulnerability in category.php in Article Publisher Pro 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cname parameter.	NVD-CWE-Other	CVE-2006-1852	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm